Create samba shares

This commit is contained in:
♥ Minnie ♥ 2024-06-03 21:10:23 +08:00
parent 29e0251a95
commit 958f1e7042
Signed by: jasmine
GPG key ID: 8563E358D4E8040E
7 changed files with 94 additions and 0 deletions

View file

@ -0,0 +1,21 @@
{ config, ... }:
{
age.secrets.smb-secrets = {
rekeyFile = ./smb-secrets.age;
};
fileSystems."/home/sajenim/.backup" = {
device = "//192.168.1.102/sajenim";
fsType = "cifs";
options = let
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];
};
environment.etc = {
"nixos/smb-secrets".source = config.age.secrets.smb-secrets.path;
};
}

View file

@ -0,0 +1,7 @@
age-encryption.org/v1
-> piv-p256 hdSnGw AuXEhgAyxDSAP0HbRE1g0HOaEp9x76AD+681RMOReayb
0fpWaqClsG3wrak0hnU+nB6Dpmdv11CgCl81P5CuwcQ
-> q]sfNw0}-grease {sq
V6m76C8Jvng8SPHoPvyocYo
--- SaJq9U29eLJm6aM9OfiMlINa9rhZ1wy0ZtYU/U1D6BM
y Yºœ_;2&C5> ëjFÄjl^iàè¶pâ=Âh @(.<2E>0¼A†]®Zd¸,ë!Im¯6âå™à“˾=ãÈa f

View file

@ -4,6 +4,7 @@
imports = [ imports = [
../common/global ../common/global
../common/users/sajenim ../common/users/sajenim
../common/users/sajenim/samba
../common/users/sajenim/steam ../common/users/sajenim/steam
../common/optional/key.nix ../common/optional/key.nix

View file

@ -35,6 +35,12 @@
options = [ "subvol=containers" "compress=zstd" ]; options = [ "subvol=containers" "compress=zstd" ];
}; };
fileSystems."/srv/shares" = {
device = "/dev/disk/by-label/data";
fsType = "btrfs";
options = [ "subvol=shares" "compress=zstd" ];
};
fileSystems."/srv/backup" = { fileSystems."/srv/backup" = {
device = "/dev/disk/by-label/data"; device = "/dev/disk/by-label/data";
fsType = "btrfs"; fsType = "btrfs";

View file

@ -8,6 +8,12 @@
]; ];
encryption.mode = "none"; encryption.mode = "none";
repo = "/srv/backup/borg/containers"; repo = "/srv/backup/borg/containers";
shares = {
paths = [
"/srv/shares"
];
encryption.mode = "none";
repo = "/srv/backup/shares";
compression = "auto,zstd"; compression = "auto,zstd";
startAt = "daily"; startAt = "daily";
}; };

View file

@ -7,5 +7,6 @@
./borgbackup.nix ./borgbackup.nix
./forgejo.nix ./forgejo.nix
./mpd.nix ./mpd.nix
./samba.nix
]; ];
} }

View file

@ -0,0 +1,52 @@
{ ... }:
{
services.samba = {
enable = true;
securityType = "user";
openFirewall = true;
extraConfig = ''
workgroup = WORKGROUP
server string = smbnix
netbios name = smbnix
security = user
#use sendfile = yes
#max protocol = smb2
# note: localhost is the ipv6 localhost ::1
hosts allow = 192.168.1.101 192.168.1.108 127.0.0.1 localhost
hosts deny = 0.0.0.0/0
guest account = nobody
map to guest = bad user
'';
shares = {
spectre = {
path = "/srv/shares/spectre";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "spectre";
"force group" = "users";
};
sajenim = {
path = "/srv/shares/sajenim";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "sajenim";
"force group" = "users";
};
};
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
networking.firewall.enable = true;
networking.firewall.allowPing = true;
}